GNUCITIZEN posted more information and a good FAQ about the dangers of UPnP and the Flash UPnP attack that they describe.
Monthly Archives: January 2008
UPnP Dangers
Steal Schneier’s Wifi
I was in total dismay when I read the recent commentary by known security expert Bruce Schneier about how he leaves his home wireless network open...yes, meaning no encryption...wide open free wifi generously donated to the neighborhood by Bruce. While I understand some of the points he was trying to make, I started to really think more about this idea after reading two articles on Bruce’s decision.
Hacking UPnP Devices
Very good article over at GNUCITIZEN (as always) about what UPnP (Universal Plug and Play) is and how hackable it can be (some quite scary stuff actually). More and more devices are UPnP compatible nowadays, for example, the PS3 and Xbox 360 can be a media server client and use UPnP. Also, most home wireless routers are UPnP compatible which makes setting them up on a network quite easy. Looks like they are developing their own UPnP testing toolkit to be released in the near future…looking forward to it.
Password Safe, Good – Password Gorilla, Better
I wanted to provide everyone with an update on how things are going with Password Safe. While Password Safe is a great program, I have found that the “Gorilla” is the bigger, badder animal…
How to Secure Linux Laptops
Good article over at Linux.com about how to secure your Linux laptop from a physical and data perspective (including hard disk encryption). I usually see a ton of articles about how to secure Windows and Mac laptops but not a lot on Linux. From the article:
“There are three problems with having a computer stolen: the loss of the machine, the loss of the information on it, and the possible security breach if that information includes sensitive information or client data. Each of those problems requires a different approach.”
The author talks about several different solutions around whole disk, separate partition, and USB encryption using solutions like dm-crypt and TrueCrypt. I am a personal fan of TrueCrypt and I have been using that to secure my data to a USB drive. There is also some good stuff on laptop tracking solutions for Linux. Don’t forget, one of the best deterrents...is to use a cable lock...yes, a cable lock can easily be cut, but as a deterrent to physical theft it works pretty well.
Tiger Team Cancelled?
Just saw this on Richard Bejtlich’s blog…
“I (Richard) contacted several PR reps at TruTV and asked about Tiger Team’s future. One of them wrote back:
Thank you for your email and interest in Tiger Team. Tiger Team was a special and likely won’t be returning. Please let me know if I can assist you with anything else.”
That’s really too bad. I thought this was a great show! I guess I am biased, however, since I am a penetration tester myself.
The more I think about this I assume that the general public may think that the “tiger team” concept is a little over the top…as well as trying to find companies that want to go on the record that they got hacked and/or robbed. Oh well it was a great show while it lasted!
Top 5 Female Hackers in Film History
Just saw this posted on a blog…Trinity should be moved up to 1st place! She used nmap to find a vulnerable SSH server!
Leah Culver – Top 5 Female Hackers in Film History
Someone should put together a TV show “Top 5 Female Hackers”...my vote for #1 is Chloe O’Brian from 24.
She’s the only one that could hack into the NSA database in under 5 minutes while redirecting CTU satellites for Jack.
WiFi flu?
Interesting post about a viral router attack…with so many unencrypted wireless access points (including ones with WEP) this is seeming more and more like a future possibility. From the article:
“Historically, the vast majority of trojans, worms, and viruses have targeted the (Windows) PC. Attack and propagation methods may have grown more sophisticated, but the PC has remained the focus of most malware. According to a paper written by a team of researchers at Indiana University, however, this could change in the future. According to the team’s research, an attack that specifically targets wireless routers and spreads between them at any point where coverage overlaps could quickly and easily propagate throughout an entire city.”
Interesting if you think of the possibilities…a worm that uses default router logins, unsecured wireless, and weak encryption keys…fun.
Sears.com installs dangerous spyware
Saw this on Digg today…this is a must read! A security researcher, Benjamin Googins from CA, discovered that the Sears/Kmart “community” web site installs extremely dangerous spyware. From the researcher’s blog post:
“Sears.com is distributing spyware that tracks all your Internet usage – including banking logins, email, and all other forms of Internet usage – all in the name of “community participation.” Every website visitor that joins the Sears community installs software that acts as a proxy to every web transaction made on the compromised computer. In other words, if you have installed Sears software (“the proxy”) on your system, all data transmitted to and from your system will be intercepted.”
How is this still even possible with privacy laws and other regulations? Especially from a major retailer like Sears. Super scary stuff! Reminds me of the Sony Rootkit issue a while back…check out the links below for more information on this.
Digg – Sears: Come see the softer side of spyware
Updates to the original blog posting from Benjamin.
More updates with full screen shots of the spyware installation.
The Wii has been hacked
I was wondering when someone was going to finally hack the Wii! Well it seems that it has finally been done…at least partially. The hack demonstration apparently took place at 24C3 (24th Annual Chaos Communication Congress) last week. The hackers demonstrated a way to run native Wii homebrew (not in GameCube mode) that even includes full access to the Wii hardware.
“They were able to find encryption and decryption keys by doing full memory dumps at runtime over a custom serial interface. Using these keys, they were able to create a Wii ‘game’ that ran their own code (their demo happened to show live sensor/Wiimote information, amongst a few other things).”
So what does this mean? Hopefully you will be able to run homebrew via custom firmware, emulators, and even launch programs from an SD card…perhaps even a Linux Channel at some point?
Here is an interview with one of the hackers and a link to the YouTube video of the demo.



